Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

There’s plenty of loaded terminology and buzzword bingo when it comes to the latest advances in cloud application delivery. Especially when it comes to multi-cloud – which should merely mean multiple cloud instances when modern cloud applications really leverage multiple hybrid IT operating models, atop both existing business silos and newer microservices application workloads.

Each business today requires user data to provide a better customer experience. The widespread use of data has triggered cyberattacks so much that they have become a part of software too. As per stats, there were 121 ransomware attacks in the first half of 2021. And these attacks are primarily in the form of fake software. This is where code signing and Enterprise Code Signing Certificate come into the picture.

The 1Password SCIM bridge is a powerful tool for businesses that want to use a password manager alongside an identity provider like Okta, Rippling, or Azure Active Directory. But if you haven’t used the SCIM bridge before, you might be wondering: What exactly is it? And does my company need a SCIM bridge?

With a growing number of organizations offering a remote or hybrid working option, many people are taking their workspaces home. Your team needs to know password hygiene best practices to ensure their home work environment is secure and protected. Sloppy employees who are not knowledgeable about password hygiene can pose a risk to themselves and their company. In fact, 82% of breaches involved a human element, according to Verizon’s 2022 DBIR.

Poor password practices are one of the biggest threats to enterprise cybersecurity. Stolen or compromised passwords cause over 80% of successful data breaches. When employees use weak passwords, reuse passwords across accounts, or store their passwords insecurely (sticky notes, spreadsheets, etc.), they put their employers at risk. Organizations often leverage enterprise password managers to alleviate poor employee password practices.

In some circles, October may be best known for hosting Halloween, but at Trustwave we know it as Cybersecurity Awareness Month. The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the National Cybersecurity Alliance (NCSA), today kicked off the 19th annual Cybersecurity Awareness Month.

This blog examines some interesting aspects of the recent reforms to Australia's Security of Critical Infrastructure Act - specifically related to the new risk management obligations that have been introduced. We'll unpack some of the ambiguities that exist and remain to be clarified in this specific area of the reforms.

Chief Information Security Officers know all about the “Sea of troubles,” and they experience “slings and arrows” daily. In mid-September, we saw a breach of Uber that threatened to undo the company’s security program - for exposing a fairly easy path to super admin privileges across most (if not all) of its infrastructure and security tools like GSuite, AWS, and HackerOne private vulnerability reports. The stakes are high.

Artificial Intelligence’s ability to augment and support progress and development over the past few decades is inarguable. However, when does it become damaging, contradictory even? In our latest Beyond Data podcast AI’s Climate Jekyll & Hyde – friend and foe, Tessa Jones (our VP of Data Science, Research & Development) and Sophie Chase-Borthwick (our Data Ethics & Governance Lead) discuss exactly this with Joe Baguley, Vice President and Chief Technology Officer, EMEA, VMware.

As a CIO in charge of your organization's security, you're responsible for ensuring the security of your company's data. But with so many cybersecurity threats out there, it can be difficult to know where to start. Should you focus on conducting a vulnerability assessment? Or is a risk assessment more important? In this article, we will discuss vulnerability vs risk, cyber threats, and protecting sensitive data.